Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.791 exploits
Referência
ScozNews 1.2.1 - 'mainpath' Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 and earlier allow remote attackers to execute arbit
23RISCO
abrir ↗Referência
CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may
45RISCO
abrir ↗Referência
CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may
45RISCO
abrir ↗Referência
b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion
PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary
45RISCO
abrir ↗Referência
CVE-2017-17405
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and p
45RISCO
abrir ↗Referência
CVE-2015-3087
Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
45RISCO
abrir ↗Referência
CVE-2013-2010
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
60RISCO
abrir ↗Referência
CVE-2013-2010
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
60RISCO
abrir ↗Referência
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISCO
abrir ↗Referência
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISCO
abrir ↗Referência
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISCO
abrir ↗Referência
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISCO
abrir ↗Referência
BigAnt Server 2.2 - Remote Overflow (SEH)
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows r
60RISCO
abrir ↗Referência
CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp
60RISCO
abrir ↗Referência
CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp
60RISCO
abrir ↗Referência
CVE-2018-20526
Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
60RISCO
abrir ↗Referência
CVE-2018-20526
Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
60RISCO
abrir ↗Referência
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hid
60RISCO
abrir ↗Referência
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and e
60RISCO
abrir ↗Referência
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and e
60RISCO
abrir ↗Referência
CVE-2019-9978
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISCO
abrir ↗Referência
CVE-2019-9978
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISCO
abrir ↗Referência
CVE-2019-9978
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISCO
abrir ↗Referência
CVE-2018-0824
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized
100RISCO
abrir ↗Referência
CVE-2014-5073
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands
60RISCO
abrir ↗Referência
CVE-2014-5073
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands
60RISCO
abrir ↗Referência
CVE-2017-17560
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquer
60RISCO
abrir ↗Referência
SapLPD 6.28 (Windows x86) - Remote Buffer Overflow
Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to
60RISCO
abrir ↗Referência
CVE-2014-7868
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT
45RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.